A Guide for Hackers who wants to become a committer

April 18, 2025 Mert Gör

A Guide for Hackers who wants to become a committer

This repository includes the path to become a committer with any kind of git oriented workflow to push commits to any kind of forge.

Setting SSH Keys

Please read :

Configuring GPG Key

https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key
After generating GPG Key please run :

gpg --list-secret-keys --keyid-format=long

Then run this command but replace 3AA5C34371567BD2 with your GPG Key ID:

gpg --output secret.key --export-secret-keys 3AA5C34371567BD2

Then run this command for Revocation Certificate but replace 3AA5C34371567BD2 with your GPG Key ID:

gpg --output revoke.asc --gen-revoke 3AA5C34371567BD2

Then export your public key with this command but replace 3AA5C34371567BD2 with your GPG Key ID :

gpg --armor --export 3AA5C34371567BD2 > 3AA5C34371567BD2.asc

publish to PGP Global Directory , import key , trust and sign with Thunderbird Email Client or any other client
After this backup your secret.key and revoke.asc to an external disk and keep it safe.
Then open your public key with a text editor and copy all text and add your Public Key to GitHub like told here : https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-gpg-key-to-your-github-account

For signing Commits with your GPG Key

Please read this :

Conclusion

We have generated SSH Key and added our public SSH Key to our GitHub account.
We have generated GPG Key, exported secret key, exported revocation certificate, published our public key to a server in this example PGP Global Directory and then we moved our secret.key and revoke.asc to an external disk. Then we added our GPG key to GitHub account.
For signing commit we configured our git account.

Where we store this documentation